别名为xxx的密钥没有Spring SAML的私钥
我正在尝试测试这个示例应用程序(https://github.com/deeprot/spring-saml-adfs),这是一个简单的Spring SAML示例应用程序,在我的环境中,因此,我有以下错误:
严重:在具有路径 [/Spring安全性 -saml2-样本] 的上下文中,为 Servlet.service() 抛出异常 java.lang.运行时异常:别名为 XXXX 的密钥没有私钥
我在我的KeyStore中导入了IDP系统的CER文件,但是,我没有这个CER的私钥。
有什么想法吗?
日志:
[2016-01-22 13:31:04.586] DEBUG [AntPathRequestMatcher] --- Checking match of request : ''; against '/favicon.ico'
[2016-01-22 13:31:04.595] DEBUG [AntPathRequestMatcher] --- Checking match of request : ''; against '/images/**'
[2016-01-22 13:31:04.595] DEBUG [AntPathRequestMatcher] --- Checking match of request : ''; against '/css/**'
[2016-01-22 13:31:04.613] DEBUG [AntPathRequestMatcher] --- Checking match of request : ''; against '/logout.jsp'
[2016-01-22 13:31:04.613] DEBUG [AntPathRequestMatcher] --- Checking match of request : ''; against '/saml/web/**'
[2016-01-22 13:31:04.614] DEBUG [FilterChainProxy] --- at position 1 of 9 in additional filter chain; firing Filter: 'MetadataGeneratorFilter'
[2016-01-22 13:31:04.615] INFO [MetadataGeneratorFilter] --- No default metadata configured, generating with default values, please pre-configure metadata for production use
[2016-01-22 13:31:04.615] WARN [MetadataGeneratorFilter] --- Generated default entity base URL https://localhost:8443/spring-security-saml2-sample based on values in the first server request. Please set property entityBaseURL on MetadataGenerator bean to fixate the value.
[2016-01-22 13:31:04.631] DEBUG [KeyStoreCredentialResolver] --- Building credential from keystore entry for entityID appus, usage type UNSPECIFIED
[2016-01-22 13:31:04.631] DEBUG [KeyStoreCredentialResolver] --- Processing TrustedCertificateEntry from keystore
[2016-01-22 13:31:04.632] DEBUG [EvaluableCredentialCriteriaRegistry] --- Registry located evaluable criteria class org.opensaml.xml.security.credential.criteria.EvaluableEntityIDCredentialCriteria for criteria class org.opensaml.xml.security.criteria.EntityIDCriteria
Jan 22, 2016 1:31:04 PM org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet [default] in context with path [/spring-security-saml2-sample] threw exception
java.lang.RuntimeException: Key with alias XXXX doesn't have a private key
at org.springframework.security.saml.metadata.MetadataGenerator.getServerKeyInfo(MetadataGenerator.java:209)
at org.springframework.security.saml.metadata.MetadataGenerator.buildSPSSODescriptor(MetadataGenerator.java:329)
at org.springframework.security.saml.metadata.MetadataGenerator.generateMetadata(MetadataGenerator.java:189)
at org.springframework.security.saml.metadata.MetadataGeneratorFilter.processMetadataInitialization(MetadataGeneratorFilter.java:127)
at org.springframework.security.saml.metadata.MetadataGeneratorFilter.doFilter(MetadataGeneratorFilter.java:86)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:423)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1079)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:316)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
共有1个答案
这与国内流离失所者无关…
at org.springframework.security.saml.metadata.MetadataGenerator.buildSPSSODescriptor(MetadataGenerator.java:329)
您没有SP(Spring Security部分)的正确密钥对。
-
我试图用saml修改spring boot安全性的一个示例程序。https://github.com/vdenotaris/spring-boot-security-saml-sample.我从身份提供者那里获得了证书(.crt),并尝试创建一个示例密钥库(.jks),以在集成到应用程序之前测试我的连接性。我按照以下步骤创建证书。 创建密钥存储 当我试图列出我的密钥库时,我有一个私钥 列出密钥库
-
我试图scp使用2 linux服务器之间的密钥对。我想跟着http://sthen.blogspot.in/2008/03/sftp-i-java-with-jsch-using-private-key.html 我能够在linux服务器之间创建scp文件,但当我执行代码时,会收到错误com。jcraft。jsch。JSchException:UnknownHostKey。知道我做错了什么吗。 过
-
我跟着弗利特。div给出了如何将我的应用部署到google play上的说明,但当我在vs代码中运行Flatter build appbundle时,我遇到了一个问题,它说 执行com时发生故障。Android建筑格雷德尔。内部的任务。Workers$ActionFacade未能从存储“c:\Users\iikxz\upload keystore.jks”读取密钥:在keystore c:\Use
-
问题内容: 我用别名为:的密钥对我的JWS应用程序MemorizEasy进行了签名。 我不记得为什么选择了这么长的别名。我怀疑这只是备忘录,但是在我的项目设置中,我有: 我现在正在更新应用程序,并使用maven将别名指定为: 但这行不通。尝试使用别名的另一个键是可行的。 那我可以更改密钥的别名吗?如果是这样,怎么办?否则,为什么Maven不接受我的别名? 问题答案: 可以使用以下命令在密钥库中复制
-
我们的android项目由移动和wear应用组成(wear应用正在开发中),我们正在尝试发布移动应用。当我们尝试生成签名的apk时,会得到以下消息: 当它读它说失败的任务:磨损:包装eRelease,实际上我们只是选择移动,而选择签署APK。 有人能指出我的错误吗?提前道谢。
-
谢谢!